Search results

The purpose of this paper is to show how the core knowledge management (KM) principles of business focus, accountability and operational support can be applied to information risk management to create risk intelligence.

The paper looks at risk intelligence strategy in information governance, the fundamental KM principles – business focus, accountability and operational support.

The paper finds that a risk intelligence strategy gets the most business value from information governance and information risk management. Developing risk intelligence maximizes the return on value from information risk management investments.

The paper is of value in showing how enterprises can get started on implementing a risk intelligence strategy.

The aim of this paper is, first, to discuss how the risk perceptions of computer end‐users may be influenced by improving the process of risk communication by embedding symbols and graphics within information security messages. The second aim is to describe some pilot study research that the authors have conducted in an attempt to ascertain whether the embedding of symbols and graphics within information security messages achieves a shift in the risk perceptions of computer end‐users.

Two pilot studies were undertaken. The objective of each study was to establish whether the embedding of a relevant graphic relating to some known aspect of information security, when placed inside an information security message, would have any influence on the information security risk perceptions of any individual to whom the message was being communicated. In both studies, the method of eliciting a response from each participant involved the use of a type of semantic differential (SD) grid.

On completing an analysis of the responses to the SD grid survey for both studies, no statistically significant differences were detected between the groups with respect to any of the six relevant scales. Nevertheless, it seems that the differences were large enough for the present authors to be convinced that the SD measures used are an appropriate survey technique for future studies in a workplace environment.

The research subjects (i.e. survey participants) for both pilot studies were students of the University of South Australia. There are many ways in which information risk communication could be made more effective and this paper only attempts to show how graphics and symbols could be used to convey risk messages more effectively. This paper does not in any way attempt to provide any “silver‐bullet” solutions for management in terms of what they can do towards managing information risk.

The ultimate objective of this research is to subsequently advise management on how they can communicate information risk simply and more effectively to achieve the final outcome, i.e. the mitigation of actual risks.

It is believed that, if the effectiveness of the various forms of risk communication within an organisation can be increased, then the general perception of the risks to the information systems will be more realistic.

This study investigates how disclosure of the board of directors’ leadership and role in risk oversight (BODs oversight disclosure) influences investors’ judgments when information on risk exposures is disclosed. The theoretical lens through which we examine this issue involves negativity bias. Sixty-two stock market investors who engage in the evaluation and/or investment of stocks on a regular or professional basis participated in our study. Our results reveal that the addition of BODs oversight disclosure (positive information) does not carry significant weight on investor judgments (i.e., attractiveness and investment) when financial statement disclosures indicate a high level of operational and financial risk exposures (negative information). In contrast, under the condition of a low level of risk exposures, BODs oversight disclosure causes investors to assess higher risk in terms of worry, catastrophic potentials and unfamiliarity about risk information and, in turn, make less favorable investor judgments. Our findings add to the literature on negativity bias and contribute to the debate on the usefulness of disclosures about risk.

Information technologies have been deliberately targeted towards enhancing database access, analytical powers and the communications capacity of marketers. The justification for these efforts has been based on the premise that more and better quality information will result in reduced uncertainty and improved risk perceptions in decision situations. This premiss is examined in the context of decision maker behaviour, drawing on empirical research involving 50 managers undertaking strategic analysis and decisions. The research methodology employed a computer‐based simulation of a strategic decision situation, enabling the managers to access structured information databases to support their decision making. Concludes that the initial perceptions of uncertainty and risk relating to the decisions faced are unlikely to be modified irrespective of the quantity or quality of the information transmitted and processed by the decision maker. The evidence suggests that the decision maker may also construct their decision‐taking behaviour to constrain the opportunity for new information to alter the initial perceptions and choices made.

This paper aims to identify various information risks that could impact a supply chain, and develops a conceptual framework to quantify and mitigate them.

Graph theory has been used to quantify information risks while interpretive structural modelling (ISM) is employed to understand the interrelationships among the enablers of information risks mitigation.

The research presents a classification of the enablers of information risks mitigation according to their driving power and dependence. It also presents a risk index to quantify information risks. The research suggests that management should focus on improving the high driving power enabler variables.

The proposed risk index and the hierarchy‐based model would help to develop suitable strategies to manage information risks in supply chains.

The major contribution of this paper lies in the development of a framework to quantify information risks and a hierarchy based model for their mitigation in context of supply chains.

The purpose of this paper is to examine the voluntary disclosure of risk-related issues, with a focus on credit risk, in graphical reporting for listed banks in the major European economies. It aims to understand if banks portray credit risk-related information in graphs accurately and whether these graphs provide incremental, rather than replicative, information. It also investigates whether credit risk-related graphs provide a fair representation of risk performance or a more favourable impression than is warranted.

A graphical accuracy index was constructed. Incremental information was measured. A multi-level linear model investigated whether credit risk affects the quantity and quality of graphical credit risk disclosure.

Banks used credit risk graphs to provide incremental information. They were also selective, with riskier banks less likely to use risk graphs. Banks were accurate in their graphical reporting, particularly those with high levels of credit risk. These findings can be explained within an impression management perspective taking human cognitive biases into account. Preparers of risk graphs seem to prefer selective omission over obfuscation via inaccuracy. This probably reflects the fact that individuals, and by implication annual report’s users, generally judge the provision of inaccurate information more harshly than the omission of unfavourable information.

This study provides theoretical insights by pointing out the limitations of a purely economics-based agency theory approach to impression management.

The study suggests annual reports’ readers need to be careful about subtle forms of impression management, such as those exploiting their cognitive bias. Regulatory and professional bodies should develop guidelines to ensure neutral and comparable graphical disclosure.

This study provides a substantive alternative to the predominant economic perspective on impression management in corporate reporting, by incorporating a psychological perspective taking human cognitive biases into account.

Health promotion strategies often attempt to change people’s behavior through targeting their risk perceptions. These perceptions may, however, be moderated by other factors. This study therefore aimed at investigating the trustworthiness and consistency of risk information, as well as respondent perceptions of the adequacy of amount received among a representative sample of former smokers, and how this information is related to gender, age, education level and whether using nicotine or not.

The respondents are part of a seven-year follow-up of former smokers in Sweden. Initially, 1400 respondents were contacted, whereof 705 (response rate 50%) answered a Web-survey. The majority (85 %) was still nicotine-free but some made use of nicotine in different forms. The data analysis includes descriptive statistics and logistic regressions.

Most respondents trusted risk information whether offered by the public authorities or came from other sources such as media, and generally perceived that there was an adequate amount. However, there were some differences between the products, where quite a few distrusted information on Nicotine Replacement Therapies (NRTs) and some perceived the information on snus and NRTs as contradictory and too little.

Knowledge about how former smokers perceive information regarding negative aspects of cigarette use may facilitate more effective risk communication with current smokers, and it may also be important for communicating information about other nicotine products to those who are trying to or who already have quit smoking.

The aim of this study is to investigate people's information practices as the SARS-CoV-2 virus took hold in the UK. Of particular interest is how people transition into newly created pandemic information environments and the ways information literacy practices come into view.

The qualitative research design comprised one-to-one in-depth interviews conducted virtually towards the end of the UK's first lockdown phase in May–July 2020. Data were coded and analysed by the researchers using constant comparative and situated analysis techniques.

Transition into new pandemic information environments was shaped by an unfolding phase, an intensification phase and a stable phase. Information literacy emerged as a form of safeguarding as participants engaged in information activities designed to mitigate health, legal, financial and well-being risks produced by the pandemic.

Time constraints meant that the sample from the first phase of this study skewed female.

Findings establish foundational knowledge for public health and information professionals tasked with shaping public communication during times of crisis.

This paper contributes to understandings of the role that information and information literacy play within global and long-term crises.

This is one of the first studies to explore information practices during the COVID-19 pandemic.

The purpose of this paper is to investigate whether the interaction between mandatory and voluntary risk disclosure is a complementary or substitutive consequence of different risk regulatory regimes. The paper is a cross analysis comparing Germany, the US, Italy, France and the UK during the period 2007-2010.

Content analysis is used to examine mandatory and voluntary risk information in corporate annual reports. A framework for the identification and measurement of risk information is developed by considering national and supranational regulations.

A complementary effect between mandatory and voluntary risk disclosure exists in each risk regulation jurisdiction. This effect does not depend on the presence of national risk rules (Germany and the US) as against national risk guidelines (France and the UK). Some cross-country differences emerge in the extent of the complementary effect, which are based on the national risk regulations. Germany shows the highest degree of complementing mandatory with voluntary risk disclosures.

The main limitations relate to the sample size, which is based on the choice of a matched approach and to some country-specific influences on regulatory regimes, which are not analysed. The practical implications refer to the revision or addition of mandated rules by accounting standard setters.

The paper contributes to the literature in two ways. First, it proposes an incremental analysis of corporate risk disclosure by examining the interaction between mandatory and voluntary risk disclosure with a complementary or substitutive consequence in different risk regulatory settings not previously investigated. Second, the paper makes a method-based contribution by developing an original analytical framework based on the analysis of different regulatory regimes.

Information sharing enhances the supply chain profitability significantly, but it may result in adverse impacts also (e.g. leakages of secret information to competitors, sharing of wrong information that result into losses). So, it is important to understand the various risk factors that lead to distortion in information sharing and results in negative consequences. Information risk identification and assessment in supply chain would help in choosing right mitigation strategies. The purpose of this paper is to identify various information risks that could impact a supply chain, and develop a conceptual framework to quantify them.

Bayesian belief network (BBN) modeling will be used to provide a framework for information risk analysis in a supply chain. Bayesian methodology provides the reasoning in causal relationship among various risk factors and incorporates both objective and subjective data.

This paper presents a causal relationship among various information risks in a supply chain. Three important risk factors, namely, information security, information leakages and reluctance toward information sharing showed influence on a company’s revenue.

Capability of Bayesian networks while modeling in uncertain conditions, provides a prefect platform for analyzing the risk factors. BBN provides a more robust method for studying the impact or predicting various risk factors.

The major contribution of this paper is to develop a quantitative model for information risks in supply chain. This model can be updated when a new data arrives.